CVEs from 2024
Total
6,597
critical
critical 174
high
high 1,069
medium
medium 2,083
low
low 49
% Critical
2.6%
% with KEV
2.5%
% with exploit
3.4%
Top products
- mbed_tls 15
- operations_analytics_log_analysis 14
- surveillance_station 12
- checkmk 10
- office 8
- profilegrid 8
- office_long_term_servicing_channel 6
- propertyhive 5
Top packages
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-56652 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm/xe/reg_sr: Remove register pool That pool implementation doesn't really work: if the krealloc happens to move the memory and … | |||
| CVE-2024-26967 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: clk: qcom: camcc-sc8280xp: fix terminating of frequency table arrays The frequency table arrays are supposed to be terminated wit… | |||
| CVE-2024-13983 | unknown | — | — | — | Inappropriate implementation in Lens in Google Chrome on iOS prior to 136.0.7103.59 allowed a remote attacker to perform UI spoofing via a crafted QR code. (Chromium security severity: Low) | |||
| CVE-2024-26985 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fix bo leak in intel_fb_bo_framebuffer_init Add a unreference bo in the error path, to prevent leaking a bo ref. Return … | |||
| CVE-2024-22029 | unknown | — | — | — | Insecure permissions in the packaging of tomcat allow local users that win a race during package installation to escalate to root | |||
| CVE-2024-56764 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: ublk: detach gendisk from ublk device if add_disk() fails Inside ublk_abort_requests(), gendisk is grabbed for aborting all infli… | |||
| CVE-2024-27405 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: usb: gadget: ncm: Avoid dropping datagrams of properly parsed NTBs It is observed sometimes when tethering is used over NCM with … | |||
| CVE-2024-38439 | unknown | — | — | — | Netatalk before 3.2.1 has an off-by-one error and resultant heap-based buffer overflow because of setting ibuf[PASSWDLEN] to '\0' in FPLoginExt in login in etc/uams/uams_pam.c. 2.4.1 and 3.1.19 are a… | |||
| CVE-2024-27007 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: userfaultfd: change src_folio after ensuring it's unpinned in UFFDIO_MOVE Commit d7a08838ab74 ("mm: userfaultfd: fix unexpected c… | |||
| CVE-2024-43837 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: bpf: Fix null pointer dereference in resolve_prog_type() for BPF_PROG_TYPE_EXT When loading a EXT program without specifying `att… | |||
| CVE-2024-2174 | unknown | — | — | — | Inappropriate implementation in V8 in Google Chrome prior to 122.0.6261.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||
| CVE-2024-56691 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: mfd: intel_soc_pmic_bxtwc: Use IRQ domain for USB Type-C device While design wise the idea of converting the driver to use the hi… | |||
| CVE-2024-56766 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: fix double free in atmel_pmecc_create_user() The "user" pointer was converted from being allocated with kzalloc() t… | |||
| CVE-2024-35832 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: bcachefs: kvfree bch_fs::snapshots in bch2_fs_snapshots_exit bch_fs::snapshots is allocated by kvzalloc in __snapshot_t_mut. It s… | |||
| CVE-2024-2626 | unknown | — | — | — | Out of bounds read in Swiftshader in Google Chrome prior to 123.0.6312.58 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Medium) | |||
| CVE-2024-26754 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: gtp: fix use-after-free and null-ptr-deref in gtp_genl_dump_pdp() The gtp_net_ops pernet operations structure for the subsystem m… | |||
| CVE-2024-39466 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: thermal/drivers/qcom/lmh: Check for SCM availability at probe Up until now, the necessary scm availability check has not been per… | |||
| CVE-2024-36914 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Skip on writeback when it's not applicable [WHY] dynamic memory safety error detector (KASAN) catches and genera… | |||
| CVE-2024-42153 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: i2c: pnx: Fix potential deadlock warning from del_timer_sync() call in isr When del_timer_sync() is called in an interrupt contex… | |||
| CVE-2024-35909 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: net: wwan: t7xx: Split 64bit accesses to fix alignment issues Some of the registers are aligned on a 32bit boundary, causing alig… | |||
| CVE-2024-35932 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm/vc4: don't check if plane->state->fb == state->fb Currently, when using non-blocking commits, we can see the following kernel… | |||
| CVE-2024-2627 | unknown | — | — | — | Use after free in Canvas in Google Chrome prior to 123.0.6312.58 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) | |||
| CVE-2024-42311 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: hfs: fix to initialize fields of hfs_inode_info after hfs_alloc_inode() Syzbot reports uninitialized value access issue as below:… | |||
| CVE-2024-35970 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: af_unix: Clear stale u->oob_skb. syzkaller started to report deadlock of unix_gc_lock after commit 4090fa373f0e ("af_unix: Replac… | |||
| CVE-2024-7981 | unknown | — | — | — | Inappropriate implementation in Views in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low) | |||
| CVE-2024-35883 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: spi: mchp-pci1xxx: Fix a possible null pointer dereference in pci1xxx_spi_probe In function pci1xxxx_spi_probe, there is a potent… | |||
| CVE-2024-7008 | unknown | — | — | — | Unsanitized user-input in Calibre <= 7.15.0 allow attackers to perform reflected cross-site scripting. | |||
| CVE-2024-11498 | unknown | — | — | — | There exists a stack buffer overflow in libjxl. A specifically-crafted file can cause the JPEG XL decoder to use large amounts of stack space (up to 256mb is possible, maybe 512mb), potentially exhau… | |||
| CVE-2024-6781 | unknown | — | — | — | Path traversal in Calibre <= 7.14.0 allow unauthenticated attackers to achieve arbitrary file read. | |||
| CVE-2024-56768 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: bpf: Fix bpf_get_smp_processor_id() on !CONFIG_SMP On x86-64 calling bpf_get_smp_processor_id() in a kernel with CONFIG_SMP disab… | |||
| CVE-2024-7009 | unknown | — | — | — | Unsanitized user-input in Calibre <= 7.15.0 allow users with permissions to perform full-text searches to achieve SQL injection on the SQLite database. | |||
| CVE-2024-36009 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: ax25: Fix netdev refcount issue The dev_tracker is added to ax25_cb in ax25_bind(). When the ax25 device is detaching, the dev_tr… | |||
| CVE-2024-56656 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: bnxt_en: Fix aggregation ID mask to prevent oops on 5760X chips The 5760X (P7) chip's HW GRO/LRO interface is very similar to tha… | |||
| CVE-2024-57926 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: Set private->all_drm_private[i]->drm to NULL if mtk_drm_bind returns err The pointer need to be set to NULL, otherw… | |||
| CVE-2024-2631 | unknown | — | — | — | Inappropriate implementation in iOS in Google Chrome prior to 123.0.6312.58 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low) | |||
| CVE-2024-46866 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm/xe/client: add missing bo locking in show_meminfo() bo_meminfo() wants to inspect bo state like tt and the ttm resource, howe… | |||
| CVE-2024-56592 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: bpf: Call free_htab_elem() after htab_unlock_bucket() For htab of maps, when the map is removed from the htab, it may hold the la… | |||
| CVE-2024-36972 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: af_unix: Update unix_sk(sk)->oob_skb under sk_receive_queue lock. Billy Jheng Bing-Jhong reported a race between __unix_gc() and … | |||
| CVE-2024-53427 | unknown | — | — | — | decNumberCopy in decNumber.c in jq through 1.7.1 does not properly consider that NaN is interpreted as numeric, which has a resultant stack-based buffer overflow and out-of-bounds write, as demonstra… | |||
| CVE-2024-38561 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: kunit: Fix kthread reference There is a race condition when a kthread finishes after the deadline and before the call to kthread_… | |||
| CVE-2024-3156 | unknown | — | — | — | Inappropriate implementation in V8 in Google Chrome prior to 123.0.6312.105 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security se… | |||
| CVE-2024-27071 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: backlight: hx8357: Fix potential NULL pointer dereference The "im" pins are optional. Add missing check in the hx8357_probe(). | |||
| CVE-2024-3169 | unknown | — | — | — | Use after free in V8 in Google Chrome prior to 121.0.6167.139 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||
| CVE-2024-56695 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Use dynamic allocation for CU occupancy array in 'kfd_get_cu_occupancy()' The `kfd_get_cu_occupancy` function previou… | |||
| CVE-2024-38636 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: f2fs: multidev: fix to recognize valid zero block address As reported by Yi Zhang in mailing list [1], kernel warning was catched… | |||
| CVE-2024-39894 | unknown | — | — | — | OpenSSH 9.5 through 9.7 before 9.8 sometimes allows timing attacks against echo-off password entry (e.g., for su and Sudo) because of an ObscureKeystrokeTiming logic error. Similarly, other timing at… | |||
| CVE-2024-3832 | unknown | — | — | — | Object corruption in V8 in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. (Chromium security severity: High) | |||
| CVE-2024-22386 | unknown | — | — | — | A race condition was found in the Linux kernel's drm/exynos device driver in exynos_drm_crtc_atomic_disable() function. This can result in a null pointer dereference issue, possibly leading to a kern… | |||
| CVE-2024-26997 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: usb: dwc2: host: Fix dereference issue in DDMA completion flow. Fixed variable dereference issue in DDMA completion flow. | |||
| CVE-2024-57899 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix mbss changed flags corruption on 32 bit systems On 32-bit systems, the size of an unsigned long is 4 bytes, w… | |||
| CVE-2024-3171 | unknown | — | — | — | Use after free in Accessibility in Google Chrome prior to 122.0.6261.57 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via spe… | |||
| CVE-2024-42140 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: riscv: kexec: Avoid deadlock in kexec crash path If the kexec crash code is called in the interrupt context, the machine_kexec_ma… | |||
| CVE-2024-56771 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: mtd: spinand: winbond: Fix 512GW, 01GW, 01JW and 02JW ECC information These four chips: * W25N512GW * W25N01GW * W25N01JW * W25N0… | |||
| CVE-2024-42317 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: mm/huge_memory: avoid PMD-size page cache if needed xarray can't support arbitrary page cache size. the largest and supported pa… | |||
| CVE-2024-4058 | unknown | — | — | — | Type confusion in ANGLE in Google Chrome prior to 124.0.6367.78 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical) | |||
| CVE-2024-58096 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: add srng->lock for ath11k_hal_srng_* in monitor mode ath11k_hal_srng_* should be used with srng->lock to protect sr… | |||
| CVE-2024-40909 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: bpf: Fix a potential use-after-free in bpf_link_free() After commit 1a80dbcb2dba, bpf_link can be freed by link->ops->dealloc_def… | |||
| CVE-2024-53065 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: mm/slab: fix warning caused by duplicate kmem_cache creation in kmem_buckets_create Commit b035f5a6d852 ("mm: slab: reduce the km… | |||
| CVE-2024-42150 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: net: txgbe: remove separate irq request for MSI and INTx When using MSI or INTx interrupts, request_irq() for pdev->irq will conf… | |||
| CVE-2024-36587 | unknown | — | — | — | Insecure permissions in DNSCrypt-proxy v2.0.0alpha9 to v2.1.5 allows non-privileged attackers to escalate privileges to root via overwriting the binary dnscrypt-proxy. | |||
| CVE-2024-40947 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: ima: Avoid blocking in RCU read-side critical section A panic happens in ima_match_policy: BUG: unable to handle kernel NULL poi… | |||
| CVE-2024-40952 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix NULL pointer dereference in ocfs2_journal_dirty() bdev->bd_super has been removed and commit 8887b94d9322 change the u… | |||
| CVE-2024-58021 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: HID: winwing: Add NULL check in winwing_init_led() devm_kasprintf() can return a NULL pointer on failure,but this returned value … | |||
| CVE-2024-56655 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: do not defer rule destruction via call_rcu nf_tables_chain_destroy can sleep, it can't be used from call_rc… | |||
| CVE-2024-40981 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: batman-adv: bypass empty buckets in batadv_purge_orig_ref() Many syzbot reports are pointing to soft lockups in batadv_purge_orig… | |||
| CVE-2024-29506 | unknown | — | — | — | Artifex Ghostscript before 10.03.0 has a stack-based buffer overflow in the pdfi_apply_filter() function via a long PDF filter name. | |||
| CVE-2024-29509 | unknown | — | — | — | Artifex Ghostscript before 10.03.0 has a heap-based overflow when PDFPassword (e.g., for runpdf) has a \000 byte in the middle. | |||
| CVE-2024-56774 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: btrfs: add a sanity check for btrfs root in btrfs_search_slot() Syzbot reports a null-ptr-deref in btrfs_search_slot(). The repr… | |||
| CVE-2024-58022 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: mailbox: th1520: Fix a NULL vs IS_ERR() bug The devm_ioremap() function doesn't return error pointers, it returns NULL. Update t… | |||
| CVE-2024-41047 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: i40e: Fix XDP program unloading while removing the driver The commit 6533e558c650 ("i40e: Fix reset path while removing the drive… | |||
| CVE-2024-58034 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: memory: tegra20-emc: fix an OF node reference bug in tegra_emc_find_node_by_ram_code() As of_find_node_by_name() release the refe… | |||
| CVE-2024-32492 | unknown | — | — | — | An issue was discovered in Znuny 7.0.1 through 7.0.16 where the ticket detail view in the customer front allows the execution of external JavaScript. | |||
| CVE-2024-46788 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: tracing/osnoise: Use a cpumask to know what threads are kthreads The start_kthread() and stop_thread() code was not always called… | |||
| CVE-2024-46678 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: bonding: change ipsec_lock from spin lock to mutex In the cited commit, bond->ipsec_lock is added to protect ipsec_list, hence xd… | |||
| CVE-2024-46955 | unknown | — | — | — | An issue was discovered in psi/zcolor.c in Artifex Ghostscript before 10.04.0. There is an out-of-bounds read when reading color in Indexed color space. | |||
| CVE-2024-56776 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm/sti: avoid potential dereference of error pointers The return value of drm_atomic_get_crtc_state() needs to be checked. To av… | |||
| CVE-2024-58042 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: rhashtable: Fix potential deadlock by moving schedule_work outside lock Move the hash table growth check and work scheduling outs… | |||
| CVE-2024-26809 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo: release elements in clone only from destroy path Clone already always provides a current view of the l… | |||
| CVE-2024-58052 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix potential NULL pointer dereference in atomctrl_get_smc_sclk_range_table The function atomctrl_get_smc_sclk_range_… | |||
| CVE-2024-58093 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: PCI/ASPM: Fix link state exit during switch upstream function removal Before 456d8aa37d0f ("PCI/ASPM: Disable ASPM on MFD functio… | |||
| CVE-2024-56696 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: ALSA: core: Fix possible NULL dereference caused by kunit_kzalloc() kunit_kzalloc() may return a NULL pointer, dereferencing it w… | |||
| CVE-2024-36893 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: usb: typec: tcpm: Check for port partner validity before consuming it typec_register_partner() does not guarantee partner registr… | |||
| CVE-2024-58053 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix handling of received connection abort Fix the handling of a connection abort that we've received. Though the abort is… | |||
| CVE-2024-26655 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: Fix memory leak in posix_clock_open() If the clk ops.open() function returns an error, we don't release the pccontext we allocate… | |||
| CVE-2024-42076 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: net: can: j1939: Initialize unused data in j1939_send_one() syzbot reported kernel-infoleak in raw_recvmsg() [1]. j1939_send_one(… | |||
| CVE-2024-42083 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: ionic: fix kernel panic due to multi-buffer handling Currently, the ionic_run_xdp() doesn't handle multi-buffer packets properly … | |||
| CVE-2024-42111 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: btrfs: always do the basic checks for btrfs_qgroup_inherit structure [BUG] Syzbot reports the following regression detected by KA… | |||
| CVE-2024-42134 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: virtio-pci: Check if is_avq is NULL [bug] In the virtio_pci_common.c function vp_del_vqs, vp_dev->is_avq is involved to determine… | |||
| CVE-2024-36033 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: qca: fix info leak when fetching board id Add the missing sanity check when fetching the board id to avoid leaking sla… | |||
| CVE-2024-42151 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: bpf: mark bpf_dummy_struct_ops.test_1 parameter as nullable Test case dummy_st_ops/dummy_init_ret_value passes NULL as the first … | |||
| CVE-2024-58055 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_tcm: Don't free command immediately Don't prematurely free the command. Wait for the status completion of the sens… | |||
| CVE-2024-56625 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: can: dev: can_set_termination(): allow sleeping GPIOs In commit 6e86a1543c37 ("can: dev: provide optional GPIO based termination … | |||
| CVE-2024-56697 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix the memory allocation issue in amdgpu_discovery_get_nps_info() Fix two issues with memory allocation in amdgpu_di… | |||
| CVE-2024-42241 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: mm/shmem: disable PMD-sized page cache if needed For shmem files, it's possible that PMD-sized page cache can't be supported by x… | |||
| CVE-2024-56780 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: quota: flush quota_release_work upon quota writeback One of the paths quota writeback is called from is: freeze_super() sync_f… | |||
| CVE-2024-42251 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: mm: page_ref: remove folio_try_get_rcu() The below bug was reported on a non-SMP kernel: [ 275.267158][ T4335] ------------[ cu… | |||
| CVE-2024-26942 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: net: phy: qcom: at803x: fix kernel panic with at8031_probe On reworking and splitting the at803x driver, in splitting function of… | |||
| CVE-2024-42266 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: btrfs: make cow_file_range_inline() honor locked_page on error The btrfs buffered write path runs through __extent_writepage() wh… | |||
| CVE-2024-56668 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix qi_batch NULL pointer with nested parent domain The qi_batch is allocated when assigning cache tag for a domain. … | |||
| CVE-2024-58092 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: nfsd: fix legacy client tracking initialization Get rid of the nfsd4_legacy_tracking_ops->init() call in check_for_legacy_methods… |